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AMEIVDMENTS TO THE CLAIMS 

This listing of claims replaces all prior versions, and listings, of claims in the apphcation: 
Listing of Claims: 

1 . (Currently Amended) At a computer system including system memory and one or 
more processors, the computer system connected to one or more other computer systems via a 
computer network, the computer system also including a distributed apphcation component of a 
distributed application, one or more other distributed application components of the distributed 
application being included at the one or more other computer systems, the distributed application 
component and the one or more other distributed application components configured to 
interoperate to implement the functionality of the distributed application, the computer system 
and each of the one or more other computer systems having computer system measurable aspects 
indicating a configuration for use in machine authentication, the distributed apphcation 
component and each of the one or more other distributed apphcation c omponents of th e 
distributed application h avmg apphcation measurable aspects indicating a configuration for use 
in application authentication,[[ ,]] a method for providing information that can be used to 
securely verify measurable aspects of the distributed application component, the method 
comprising: 

an act of the distributed application component sending communication to another 
computer system, the other computer system selected fi-om among the one or more other 
computer systems, the communication requesting access to a resource imder the control 
of another distributed application componen t, selected &om among the one or more other 
distributed application components, of the distributed apphcation that is at the other 
computer system; 

an act of the computer system and the other distributed application component 
conducting application authentication so that the computer system can verify the identity 
of the other distributed application component, application authentication including the 
computer system receivmg proof firom flie other distributed apphcation component that 
the other distributed apphcation component complies with one or more security policies 
of the computer system; 
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an act of the computer system accessing information that indicates how to prove 
an appropriate configuration, fi-om among one or more appropriate configurations, to 
access the resource in accordance with the one or more security policies subsequent to 
and in response to successfully conducting application authentication, the accessed 
information indicating that one or more application measurable aspects of the distributed 
apphcation component and one or more computer system measurable aspects of the 
computer system are to be verified to prove that the combination of the distributed 
application component and the computer system provide an appropriate configuration to 
interoperate with the otiier distributed application component to access the resource; 

an act of the processor formulating an assertion that can used to verify the one or 
more application measurable aspects and the one or more computer system measurable 
aspects, the assertion representing identity values for the one or more application 
measureable aspects and representing environment values for the one or more computer 
system measurable aspects, the identity values expressly indicating the identity and the 
functionality of portions of computer-executable instructions included the distributed 
application component, the environment values identifying the execution environment at 
the computer system; and 

an act of sending the formulated assertion for verification. 

Claim 2. (Cancelled). 

3. (Previously Presented) The method as recited in claim 1 , fiarther comprising: 

an act of receiving a request for proof tiiat the distributed apphcation component 
and the computer system are appropriately configured to interoperate with the other distiibuted 
apphcation component to access the resource , the request being received prior to accessing 
information that indicates how to prove an appropriate configuration. 

4. (Previously Presented) The method as recited in claim 1, wherein the act of 
accessing information that indicates how to prove an appropriate configuration comprises an act 
of accessing administrative poUcies associated with the resource. 
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5. (Previously Presented) The method as recited in claim 1, wherein act of accessing 
information that indicates how to prove an appropriate configuration comprises an act of 
accessing receiving a message firom a verification module. 

Claim 6. (Cancelled). 

7. (Previously Presented) The method as recited in claim 1, wherein the act of 
accessing information that indicates how to prove an appropriate configuration comprises an act 
of accessing a request for values associated with one or more of an assembly, a hardware 
component, a platform, an environment variable, a call stack, and a data stream. 

8. (Previously Presented) The method as recited in claim 7, wherein the request for 
values comprises a request for the values associated with the one or more application measurable 
aspects. 

9. (Previously Presented) The method as recited in claim 8, wherein the request for 
the values of the one or more application measurable aspects comprises a request for the identity 
of one or more portions of executable instructions at the requester. 

10. (Previously Presented) The method as recited in claim 1, wherein the act of 
accessing information that indicates how to prove an appropriate configuration comprises an act 
of accessing a request for byte values included in the computer-executable instructions of a 
specified version of the distributed application.. 

Claim 11. (Cancelled). 

12. (Currently Amended) The method as recited in claim [[6]]i, wherein the act of 
accessing information that indicates how to prove an appropriate configuration comprises an act 
of a accessing a request for a digest of the one or more application measurable aspects. 

Claims 13 and 14 (Cancelled). 
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15. (Previously Presented) The method as recited in claim 1, wherein the assertion is 
formulated proof that can be used to verify byte values included in the computer-executable 
instructions of a specified version of the distributed application. 

Claim 16. (Cancelled). 

17. (Previously Presented) The method as recited in claim 1, wherein the assertion is 
formulated proof tiiat the distributed application component is to execute in a compartmentalized 
environment. 

1 8. (Previously Presented) The method as recited in claim 1, wherein the assertion is 
formulated proof that the distributed appUcation component has access to one or more of an 
assembly, a hardware component, a platform, an environment variable, a call stack, or a data 
stream. 

Claim 19. (Cancelled). 

20. (Previously Presented) The method as recited in claim 1, wherein the assertion is 
a digest representing the values of the one or more application measurable aspects. 

21. (Previously Presented) The method as recited in claim 1, wherein the assertion is 
formulated proof that indicates at least one: of compliance with one or more required policies or 
that distributed application component is not a virus, or that the distributed application 
component is not an intruder. 

22. (Previously Presented) The method as recited in claim 1, wherein the assertion is 
formulated proof that the distributed application component is configured in accordance with at 
least one pre-determined configuration. 
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23. (Previously Presented) The method as recited in claim 1, further comprising: 
an act of digitally signing the assertion. 

24 (Previously Presented) The method as recited in claim 23, wherein the assertion 
is signed using a private key as proof that the assertion can be validated by a group public key. 

25. (Previously Presented) The method as recited in claim 23, wherein the assertion 
is signed using a per-machine key that identifies the module. 

26. (Previously Presented) The method as recited in claim 23, wherein the assertion 
is signed using a zero knowledge algorithm. 

27. (Previously Presented) The method as recited in claim 23, wherein the assertion 
is signed using a hardware-based key. 

28. (Previously Presented) The method as recited in claim 23, wherein the assertion 
is signed using a communication channel key. 

29. (Previously Presented) The method as recited in claim 23, wherein the act of 
digitally signing the formulated proof comprises an act of digitally signing bytes taken fix>m one 
or more identified code regions of computer-executable instructions within the distributed 
application. 

30. (Original) The method as recited in claim 1, wherein the act of sending the 
formulated assertion to the verification module comprises sending the formulated assertion to a 
token service. 

3 1 . (Previously Presented) The method as recited in claim 1 , further comprising: 

an act of receivmg a token that represents proof that the combination of the 
distributed application component and the computer system are appropriately 
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configuration to interoperate with the other distributed apphcation component to access 
the resource. 

32. (Previously Presented) The method as recited in claim 1, wherein 

the one or more appropriate configurations are have been pre-determined to be 
appropriate for accessing the resource. 

Claims 33-52. (Cancelled). 
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53. (Currently Amended) A computer program product for use in a computer system, 
the computer system connected to one or more other computer systems via a computer network, 
the computer system also including a distributed application component of a distributed 
application, one or more other distributed application components of the distributed application 
being included at the one or more other computer systems, the distributed application component 
and the one or more other distributed application components configured to interoperate to 
implement the functionality of the distributed application, the computer system and each of the 
one or more other computer systems having computer system measurable aspects indicating a 
configuration for use in machine authentication, the distributed application component and each 
of the one or more other distributed application c omponents of the distribut e d appUcation having 
application measurable aspects indicating a configuration for use in application authentication, 
the computer program product for implementing a method for providing information that can be 
used to securely verify measvurable aspects of the distributed application component, the 
computer program product comprising one or more computer-readable storage media having 
stored thereon computer-executable instructions that, when executed by a processer, cause the 
computer system to perform tiie method, including following: 

send communication to another computer system, the other computer system 
selected fixjm among the one or more other computer systems, the communication 
requesting access to a resource under the control of another distributed application 
componen t, selected from among the one or more other distributed apphcation 
components, of the distribut e d apphcation that is at the other computer system; 

conduct apphcation authentication with the other distributed apphcation 
component so that the computer system can verify the identity of the other distributed 
application component, application authentication including the computer system 
receiving proof from the other distributed application component that the other 
distributed apphcation component complies with one or more security pohcies of the 
computer system; 

the computer system accessing information that indicates how to prove an 
appropriate configuration, from among one or more appropriate configurations, to access 
the resource in accordance with the one or more security policies subsequent to and in 
response to successfully conducting application authentication, the accessed information 
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indicating that one or more application measurable aspects of the distributed application 
component and one or more computer system measurable aspects of the computer system 
are to be verified to prove that the combination of the distributed appUcation component 
and the computer system provide an appropriate configuration to interoperate with the 
other distributed application component to access the resource; 

formulate an assertion that can used to verify the one or more application 
measurable aspects and the one or more computer system measurable aspects, the 
assertion representing identity values for the one or more application measureable aspects 
and representing environment values for the one or more computer system measurable 
aspects, the identity values expressly indicating the identity and the functionality of 
portions of computer-executable instructions included the distributed application 
component, the environment values identifying the execution environment at the 
computer system; and 

send the formulated assertion for verification. 

Claim 54. (Cancelled). 
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55 . (Currently Amended) A computer system, the computer system comprising: 

system memory; 

one or more processors; and 

one or more computer-readable media having stored thereon computer-executable 
instructions representing an application authentication module, a machine authentication module, 
and a distributed application component of a distributed application, wherein the machine 
authentication module configured to: 

conduct machine authentication with other computer systems, including 

estabUshing a Secure Sockets Layer (SSL) connection between the computer system and 

the other computer systems; 

wherein the application authentication module is configured to: 

conduct application authentication with other distributed application components 
of the distributed appUcation at other computer systems after the other computer systems 
have been authenticated using machine authentication so that the computer system can 
verify the identity of the other distiibuted application components, application 
authentication including the computer system receiving proof firom the other distributed 
application components that the other distributed application components comply with 
one or more security poUcies of the computer system; and 
wherein the distributed application component is configured to: 

send communication to other computer systems that include a distributed 
application component for the distributed application, the communication requesting 
access to a resource under the control of another distributed application component at the 
other computer system; 

access information that indicates how to prove an appropriate configuration, firom 
among one or more appropriate configurations, to access the resource in accordance with 
the one or more security poHcies subsequent to and in response to successfiiUy 
conducting application authentication, the accessed information indicating that one or 
more application measurable aspects of the distributed application component, including 
access to specified byte values &om within specified locations in computer-executable 
instructions of the distributed application, and one or more computer system measurable 
aspects of the computer system, including specified values for specified execution 
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environment variables, are to be verified to prove that the combination of the distributed 
apphcation component and the computer system provide an appropriate execution 
environment for interoperating with the other distributed application component to access 
the resoiirce; 

formulate an assertion that can used to verify the one or more application 
measurable aspects and the one or more computer system measurable aspects, the 
assertion including the specified byte values fi-om within the specified locations in 
computer-executable instructions and the specified values for the specified execution 
environment variables; 

send the formulated assertion for verification; 

receive a token representing that the combination of the distributed application 
component and the computer system do provide an appropriate execution environment 
for interoperating with the other distiibuted application component to access the 
resource; and 

submit the token to the other computer system so that the other computer system 
can verify that the combination of the distributed application component and the 
computer system do provide an appropriate execution environment for accessing the 
resource based on the context of the token. 
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